Merge pull request #20334 from ktoso/wip-tls1.2-more-sslconfig-links

+htp,str #20326 more links to ssl-config and update default TLS version

akka-docs/rst/java/http/client-side/https-support.rst

@@ -45,6 +45,19 @@ to rely on the configured default client-side ``HttpsContext``.
 If no custom ``HttpsContext`` is defined the default context uses Java's default TLS settings. Customizing the
 ``HttpsContext`` can make the Https client less secure. Understand what you are doing!
 
+SSL-Config
+----------
+
+Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to
+`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext
+and related options.
+
+Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings.
+
+SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace.
+
+.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/
+
 Detailed configuration and workarounds
 --------------------------------------
 

akka-docs/rst/scala/http/client-side/https-support.rst

@@ -45,6 +45,19 @@ to rely on the configured default client-side ``HttpsContext``.
 If no custom ``HttpsContext`` is defined the default context uses Java's default TLS settings. Customizing the
 ``HttpsContext`` can make the Https client less secure. Understand what you are doing!
 
+SSL-Config
+----------
+
+Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to
+`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext
+and related options.
+
+Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings.
+
+SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace.
+
+.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/
+
 Detailed configuration and workarounds
 --------------------------------------
 

akka-docs/rst/scala/http/low-level-server-side-api.rst

@@ -155,6 +155,21 @@ optional ``httpsContext`` parameter, which can receive the HTTPS configuration i
 instance.
 If defined encryption is enabled on all accepted connections. Otherwise it is disabled (which is the default).
 
+For detailed documentation for client-side HTTPS support refer to :ref:`clientSideHTTPS`.
+
+SSL-Config
+----------
+
+Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to
+`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext
+and related options.
+
+Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings.
+
+SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace.
+
+.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/
+
 .. _http-server-layer-scala:
 
 Stand-Alone HTTP Layer Usage

akka-stream/src/main/resources/reference.conf

@@ -93,8 +93,6 @@ akka {
 
   # configure overrides to ssl-configuration here (to be used by akka-streams, and akka-http – i.e. when serving https connections)
   ssl-config {
-    # due to still supporting JDK6 in this release
+    protocol = "TLSv1.2"
-    # TODO once JDK 8 is required switch this to TLSv1.2 (or remove entirely, leave up to ssl-config to pick)
-    protocol = "TLSv1"
   }
 }